A Supervisory Control Approach to Dynamic Cyber-Security
This paper addresses cyber-security for network defenders, but it appears incremental, as it applies existing supervisory control methods to a specific dynamic security scenario.
The paper tackles dynamic cyber-security by modeling network attacks as a discrete event system and formulating a min-max supervisory control problem with imperfect information, using dynamic programming to find an optimal defender policy within a restricted set and analyzing its behavior under parameter variations.
An analytical approach to a dynamic cyber-security problem that captures progressive attacks on a computer network is presented. We formulate the dynamic security problem from the defender's point of view as a supervisory control problem with imperfect information, modeling the computer network's operation by a discrete event system. We consider a min-max performance criterion and use dynamic programming to determine, within a restricted set of policies, an optimal policy for the defender. We study and interpret the behavior of this optimal policy as we vary certain parameters of the supervisory control problem.